News

Two flaws fixed, one knee bent to the EU, and a budding cybersecurity star feature in iOS 17.4

Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited.…

Additional cuts announced, sparking fears of further layoffs

Outsourcing giant Capita today reported a net loss of £106.6 million ($135.6 million) for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials.…

Please don't scare away foreign investors - who do you think pays for this stuff?

SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "last resort" to protect national security.…

Government mighty displeased about a shared Active Directory that led to a big data leak

Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.…

As the crooks behind the attack - probably ALPHV/BlackCat - fake their own demise

The US government has stepped in to help hospitals and other healthcare providers affected by the Change Healthcare ransomware infection, offering more relaxed Medicare rules and urging advanced funding to providers.…

Insurance giant blames Infosys, LockBit claims credit

Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information — including bank account and routing numbers, credit card numbers and security or access codes — after breaking into Infosys' IT systems in the fall.…

Where better to expose confidential data than on a dating app?

Yet another US military man is facing a potentially significant stretch in prison after allegedly sending secret national defense information (NDI) overseas.…

If you're still on X you'd better disable this insecure-by-default calling feature, lest someone snatch your IP

Video and audio calling features for X Premium users added last year to Elon Musk's version of Twitter have been expanded to everyone on the platform, and we're warning Reg readers yet again to disable the feature - this time because it appears to expose user IP addresses.…

Exploits began within hours of the original disclosure, so patch now

Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server.…

Penny Appeal sent more than 460,000 texts asking for money to help war-torn countries, no opt out

Typically it is energy improvement peddlers or debt help specialists that are disgraced by Britain's data watchdog for spamming unsuspecting households, but the latest entrant in the hall of shame is a charity.…

Claims to protect against DDoS, sensitive data leakage

Cloudflare has tweaked its web application firewall (WAF) to add protections for applications using large language models.…

Don't leave home without … IT security

A security failure at a third-party vendor exposed an untold number of American Express card numbers, expiry dates, and other data to persons unknown.…

No honor among thieves?

ALPHV/BlackCat, the gang behind the Change Healthcare cyberattack, has received more than $22 million in Bitcoin in what might be a ransomware payment.…

Kim Jong Un's all in for home-built silicon says warning

North Korean government spies have broken into the servers of at least two chipmakers and stolen product designs as part of attempts to spur Kim Jong Un's plans for a domestic semiconductor industry, according to Seoul's security agency.…

Officials can't tell whether the tape was edited, but fear Kremlin has more juicy bits to release in the future

The German Ministry of Defense (Bundeswehr) has confirmed that a recording of a call between high-ranking officials discussing war efforts in Ukraine, leaked by Russian media, is legitimate.…

Increasingly clear number of permanent solutions is narrowing

Global law enforcement authorities' attempts to shutter the LockBit ransomware crew have sparked a fresh call for a ban on ransomware payments to perpetrators.…

When you can't lock 'em up, lock 'em out

Opinion  The best cop shows excel at mind games: who's tricking whom, who really wins, and what price they pay. A twist of humor adds to the drama and keeps us hooked. It's rare enough in real life, far less so in the grim meat grinder of cybersecurity, yet sometimes it happens. It's happening right now.…

ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns

Infosec in brief  The infamous LockBit ransomware gang has been busy in the ten days since an international law enforcement operation took down many of its systems. But despite its posturing, the gang might have suffered more than it's letting on.…

Misinformation is rife, AI makes it easier to create, and 42 percent of the planet’s inhabitants get to vote this year

Feature  Two US intelligence bigwigs last week issued stark warnings about foreign threats to American election integrity and security – and the nation's ability to counter these adversaries.…

Turns out bragging on Discord has unfortunate consequences

Jack Teixeira, the Air National Guardsman accused of leaking dozens of classified Pentagon documents, is expected to plead guilty in a US court on Monday.…